<?php

function validateAdmin()
{
	//this is a security measure
	session_regenerate_id();
	###
	$token = session_id();
	###
	mysql_query( "UPDATE `".DBPREFIX."admin` SET `token` = '".$token."' WHERE `adminid` = '".$_SESSION['adminid']."'" );
}

function validateClient()
{
	session_regenerate_id();
	###
	$token = session_id();
	###
	mysql_query( "UPDATE `".DBPREFIX."client` SET `token` = '".$token."' WHERE `clientid` = '".$_SESSION['clientid']."'" );
}



/**
 * Checking if a User is Logged In
 *
 * This function checks the session variable "validclient" / "validadmin"
 *
 * http://tinsology.net/2009/06/creating-a-secure-login-system-the-right-way/
 */
function isAdminLoggedIn()
{
	if (!empty($_SESSION['adminid']) && is_numeric($_SESSION['adminid']))
	{
		$adminverify = $GLOBALS['webwiDB']->query( "SELECT `username` FROM ".$GLOBALS['webwiDB']->prefix('admin')." WHERE `adminid` = '".$_SESSION['adminid']."' && `status` = 'Active'" );
		if ($GLOBALS['webwiDB']->numRows($adminverify) == 1)
		{
			return TRUE;
		}
		unset($adminverify);
	}
	return FALSE;
}

function isClientLoggedIn()
{
	if (!empty($_SESSION['clientid']) && is_numeric($_SESSION['clientid']))
	{
		$clientverify = $GLOBALS['webwiDB']->query( "SELECT `username` FROM ".$GLOBALS['webwiDB']->prefix('client')." WHERE `clientid` = '".$_SESSION['clientid']."' && `status` = 'Active'" );
		if ($GLOBALS['webwiDB']->numRows($clientverify) == 1)
		{
			return TRUE;
		}
		unset($clientverify);
	}
	return FALSE;
}



/**
 * Logging Out
 *
 * http://tinsology.net/2009/06/creating-a-secure-login-system-the-right-way/
 */
function logout()
{
	$_SESSION = array(); //Destroy session variables
	session_destroy();
}

?>


